CVE-2019-4383
CVE-2019-4383
Vexday Risk Score
21Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 7.9EPSS 0.4%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
01 Jul 2019Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
When using IBM Spectrum Protect Plus 10.1.0, 10.1.2, and 10.1.3 to protect Oracle or MongoDB databases, a redirected restore operation may result in an escalation of user privileges. IBM X-Force ID: 162165.
CVSS:3.0/S:C/A:N/PR:H/C:H/AC:L/AV:L/I:H/UI:N/RC:C/RL:O/E:U
Affected products
IBM · Spectrum Protect Plus